Release 10.1A: OpenEdge Development:
Progress 4GL Reference

VALIDATE-SEAL( ) method

Validates the message authentication code (MAC) generated by the SEAL( ) method to seal a Client-principal object.

You can use this method to validate the seal whenever necessary.

Return type: LOGICAL

Applies to: Client-principal object handle

Syntax

VALIDATE-SEAL( [ validation-key ] )

validation-key

An optional character expression containing the authentication domain’s key to use in validating the MAC that sealed the Client-principal object. Progress converts this key to UTF-8 before using it, which ensures a consistent value regardless of code page settings.

If you specify a validation key, Progress uses that key to validate the seal. If you do not specify a validation key, Progress uses the authentication domain’s key stored in the application’s trusted authentication domain registry for the Client-principal object to validate the seal. Progress validates the seal by comparing it to the MAC generated by either the specified validation key or the authentication domain key stored in the trusted authentication domain registry. If the seal matches the MAC, then the seal is valid and this method returns TRUE. Otherwise, the seal is invalid and this method returns FALSE.

If the Client-principal object is not sealed and not in the LOGIN state, Progress generates a run-time error.

Progress also checks the LOGIN-EXPIRATION-TIMESTAMP attribute. If the Client-principal object expires before you can validate its seal, Progress sets the LOGIN-STATE attribute to “EXPIRED” and returns FALSE.

Calling this method does not generate an audit event or an audit record.

Example

The following code fragment illustrates how to use the VALIDATE-SEAL( ) method:

DEF VAR hCP as HANDLE. DEF VAR key as CHAR. DEF VAR val-ok as LOGICAL. . . . CREATE CLIENT-PRINCIPAL hCp. . . . val-ok = hCP:VALIDATE-SEAL(key).

See also

LOGIN-EXPIRATION-TIMESTAMP attribute, LOGIN-STATE attribute, SEAL( ) method